Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
File:                     HpPX4oqwueeUSHlGoProzW7VQHE.mft (raw, json)
Hash identifier:          OUecK+AQoF4T0zQKR3l1s59UP2rapv8iH25tGpPNeKo=
Subject key identifier:   65:37:C3:01:D4:E5:6E:45:1F:0B:B0:2C:58:C4:65:66:CA:FC:2E:D1
Authority key identifier: 1E:93:D7:E2:8A:B0:B9:E7:94:48:79:46:A0:FA:E8:CD:6E:D5:40:71
Certificate issuer:       /CN=1e93d7e28ab0b9e794487946a0fae8cd6ed54071
Certificate serial:       0199172D552DA24C99E6B9E77E5BB013E00D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
Manifest number:          05
Signing time:             Fri 05 Sep 2025 00:01:10 +0000
Manifest this update:     Fri 05 Sep 2025 00:01:10 +0000
Manifest next update:     Sat 06 Sep 2025 00:01:10 +0000
Files and hashes:         1: HpPX4oqwueeUSHlGoProzW7VQHE.crl (hash: ySfZ0ADYbTBrMjOzunsyuvMXJZHDJKqAw4PMFtBXhnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 00:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:2d:55:2d:a2:4c:99:e6:b9:e7:7e:5b:b0:13:e0:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e93d7e28ab0b9e794487946a0fae8cd6ed54071
        Validity
            Not Before: Sep  5 00:01:10 2025 GMT
            Not After : Sep  6 00:01:10 2025 GMT
        Subject: CN=6537c301d4e56e451f0bb02c58c46566cafc2ed1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:ff:7e:cb:e6:cd:44:3a:8b:18:b7:3a:d6:c9:
                    88:98:21:38:78:0e:f6:0f:a4:66:29:4e:9e:e8:5d:
                    64:ee:d8:aa:7d:06:ff:f3:d3:f9:06:74:19:24:93:
                    1a:63:07:a0:ac:f7:eb:04:8f:0b:17:5d:3a:d8:63:
                    1f:ed:36:7a:db:59:a4:5f:02:31:0f:97:69:db:1b:
                    15:bb:fe:bd:17:e0:6f:63:1d:1d:f6:e9:b3:69:bc:
                    5e:b4:ec:2e:8e:e0:cf:81:be:d3:a9:7a:50:d9:5c:
                    28:6d:30:62:3f:82:ba:f7:0b:5c:26:c6:0d:00:ec:
                    15:fa:32:c4:31:50:4c:9b:28:35:f7:9c:9d:36:ed:
                    85:65:74:b6:bc:60:6c:af:82:bf:6e:2d:c7:78:fe:
                    a9:e2:90:55:fb:4d:3b:6c:ea:66:eb:22:c7:f2:2f:
                    82:fa:ff:8f:ab:21:fc:0a:b3:83:f6:94:52:41:57:
                    fe:d4:88:2b:ea:69:a1:47:45:03:a7:b4:e4:6b:81:
                    1c:9f:f1:8d:b8:53:b2:55:0d:5d:48:64:1b:46:d5:
                    c1:d8:5f:81:12:e8:8b:4f:53:67:40:a9:43:82:72:
                    52:96:7c:14:4a:79:5a:3f:72:fb:06:82:b9:69:50:
                    61:16:db:8a:c1:14:1d:7e:ee:6d:79:67:3f:94:9d:
                    a2:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:37:C3:01:D4:E5:6E:45:1F:0B:B0:2C:58:C4:65:66:CA:FC:2E:D1
            X509v3 Authority Key Identifier:
                keyid:1E:93:D7:E2:8A:B0:B9:E7:94:48:79:46:A0:FA:E8:CD:6E:D5:40:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:30:69:fb:54:6a:c0:e7:d7:b3:50:7f:ab:fb:d0:0a:8b:05:
         0f:6e:8d:f0:60:b4:5f:cb:90:49:4f:5b:bd:69:bc:63:df:d0:
         34:e5:0b:9c:f4:61:0f:b6:6f:91:03:dd:6a:b8:ee:05:86:96:
         90:e8:09:8a:13:26:20:1a:4e:01:e5:d1:41:76:3d:cb:f5:38:
         fc:cd:39:ea:80:eb:ae:78:17:1b:0e:b2:cd:52:ef:eb:9c:5e:
         3e:dd:93:1a:a3:47:66:84:6c:9a:d4:4a:fe:00:5d:c8:2b:7c:
         ac:5c:66:06:b8:d0:81:f8:ac:e6:42:f7:9c:58:7f:0b:12:f8:
         c2:25:67:14:50:3c:55:6d:07:39:c1:01:05:1b:3e:12:c4:c7:
         e8:ae:de:75:b4:80:f3:59:48:d3:fe:a9:9d:27:7c:63:1c:98:
         b6:86:b2:49:d8:4d:26:f9:64:b8:44:17:b8:e0:cd:8e:a6:92:
         de:a9:fc:50:00:58:70:0a:30:c0:2f:62:46:80:7e:a3:e4:66:
         e0:da:c1:bd:54:ae:0c:64:0f:2d:5c:f0:bb:30:e8:a7:2b:f2:
         32:e2:82:3b:5f:f0:4d:b3:b1:a6:14:63:f6:7f:65:e4:65:98:
         01:7f:89:e6:c5:3f:8f:ac:ce:dd:e9:de:48:e7:93:64:a6:e3:
         7a:f0:da:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXLVUtokyZ5rnnfluwE+ANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTNkN2UyOGFiMGI5ZTc5NDQ4Nzk0NmEwZmFlOGNkNmVk
NTQwNzEwHhcNMjUwOTA1MDAwMTEwWhcNMjUwOTA2MDAwMTEwWjAzMTEwLwYDVQQD
Eyg2NTM3YzMwMWQ0ZTU2ZTQ1MWYwYmIwMmM1OGM0NjU2NmNhZmMyZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3f9+y+bNRDqLGLc61smImCE4eA72
D6RmKU6e6F1k7tiqfQb/89P5BnQZJJMaYwegrPfrBI8LF1062GMf7TZ621mkXwIx
D5dp2xsVu/69F+BvYx0d9umzabxetOwujuDPgb7TqXpQ2VwobTBiP4K69wtcJsYN
AOwV+jLEMVBMmyg195ydNu2FZXS2vGBsr4K/bi3HeP6p4pBV+007bOpm6yLH8i+C
+v+PqyH8CrOD9pRSQVf+1Igr6mmhR0UDp7Tka4Ecn/GNuFOyVQ1dSGQbRtXB2F+B
EuiLT1NnQKlDgnJSlnwUSnlaP3L7BoK5aVBhFtuKwRQdfu5teWc/lJ2i0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGU3wwHU5W5FHwuwLFjEZWbK/C7RMB8GA1UdIwQY
MBaAFB6T1+KKsLnnlEh5RqD66M1u1UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84N2IyMTQtYmE4ZC00ZGY5LTllYzkt
MWExNmVmNDkyMDM0LzEvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84N2IyMTQtYmE4ZC00ZGY5LTllYzktMWExNmVmNDkyMDM0
LzEvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejBp+1Rq
wOfXs1B/q/vQCosFD26N8GC0X8uQSU9bvWm8Y9/QNOULnPRhD7ZvkQPdarjuBYaW
kOgJihMmIBpOAeXRQXY9y/U4/M056oDrrngXGw6yzVLv65xePt2TGqNHZoRsmtRK
/gBdyCt8rFxmBrjQgfis5kL3nFh/CxL4wiVnFFA8VW0HOcEBBRs+EsTH6K7edbSA
81lI0/6pnSd8YxyYtoaySdhNJvlkuEQXuODNjqaS3qn8UABYcAowwC9iRoB+o+Rm
4NrBvVSuDGQPLVzwuzDopyvyMuKCO1/wTbOxphRj9n9l5GWYAX+J5sU/j6zO3ene
SOeTZKbjevDa3Q==
-----END CERTIFICATE-----